[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap falls without logs

To: Márcio Luciano Donada <mdonada@auroraalimentos.com.br>
Subject: Re: ldap falls without logs
From: Indexer <indexer@internode.on.net>
Date: Tue, 13 Jul 2010 21:19:15 +0930
Cc: Pablo Rodrigo Semprebom <pablo@auroraalimentos.com.br>, openldap-technical@openldap.org
In-reply-to: <4C3C5163.2070408@auroraalimentos.com.br>
References: <4C3C5163.2070408@auroraalimentos.com.br>

You likely need to setup syslogd to work with slapd. I dont remember how to do it in debian, so you may need to do some research

To check slapd is working, stop slapd and start it from the command line with slapd -d 256, and it will print the log to the console. If you have troubles from there you would be well advised to post the out otput of logs so we can help you.

William

On 13/07/2010, at 9:13 PM, Márcio Luciano Donada wrote:

> Hi list,
> I'm using debian lenny,[1], with openldap 2.4.11 and in many cases
> simply to LDAP, while not log information. My slapd.conf is:
> 
> # Global Directives:
> 
> # Features to permit
> allow bind_v2
> 
> # Schema and objectClass definitions
> include         /etc/ldap/schema/core.schema
> include         /etc/ldap/schema/cosine.schema
> include         /etc/ldap/schema/inetorgperson.schema
> include         /etc/ldap/schema/java.schema
> include         /etc/ldap/schema/misc.schema
> include         /etc/ldap/schema/nis.schema
> include         /etc/ldap/schema/openldap.schema
> include         /etc/ldap/schema/samba.schema
> include         /etc/ldap/schema/qmail.schema
> include         /etc/ldap/schema/authldap.schema
> include         /etc/ldap/schema/RADIUS-LDAPv3.schema
> include         /etc/ldap/schema/ppolicy.schema
> 
> # Where the pid file is put. The init.d script
> # will not stop the server if you change this.
> pidfile         /var/run/slapd/slapd.pid
> 
> # List of arguments that were passed to the server
> argsfile        /var/run/slapd/slapd.args
> 
> # Read slapd.conf(5) for possible values
> loglevel        256
> 
> # Where the dynamically loaded modules are stored
> modulepath      /usr/lib/ldap
> moduleload      syncprov
> moduleload      back_monitor
> moduleload      back_bdb
> moduleload      ppolicy
> moduleload      unique
> moduleload      back_ldap
> 
> # TLS
> TLSVerifyClient demand
> TLSCACertificateFile    /etc/ldap/ssl/server.pem
> TLSCertificateFile      /etc/ldap/ssl/server.pem
> TLSCertificateKeyFile   /etc/ldap/ssl/server.pem
> 
> # The tool-threads parameter sets the actual amount of cpu's that is used
> # for indexing.
> tool-threads    16
> threads         32
> #######################################################################
> # Specific Backend Directives for hdb:
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
> 
> backend         bdb
> #######################################################################
> # Specific Backend Directives for 'other':
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
> #backend                <other>
> 
> #######################################################################
> # Specific Directives for database #1, of type hdb:
> # Database specific directives apply to this databasse until another
> # 'database' directive occurs
> database        monitor
> database        bdb
> 
> # The base of your directory in database #1
> suffix          "dc=xxx,dc=com,dc=br"
> rootdn          "cn=suporte,dc=xxx,dc=com,dc=br"
> rootpw          blablabla
> overlay         unique
> unique_uri      ldap:///?mail?sub?
> overlay         syncprov
> syncprov-checkpoint 100 10
> syncprov-sessionlog 100
> 
> # Where the database file are physically stored for database #1
> directory       "/var/lib/ldap"
> idletimeout     30
> checkpoint      128     15
> cachesize       100000
> lastmod         on
> sizelimit unlimited
> 
> index   objectClass     eq
> index   cn              pres,sub,eq
> index   sn              pres,sub,eq
> index   uid             pres,sub,eq
> index   displayName     pres,sub,eq
> index   uniqueMember    eq
> index   uidNumber       eq
> index   gidNumber       eq
> index   memberUID       eq
> index   mailAlternateAddress    eq
> index   MailForwardingAddress   eq
> index   mail    pres,sub,eq
> index   default sub
> index   sambaSID,sambaPrimaryGroupSID,sambaDomainName   eq
> index   sambaSIDList,sambaGroupType     eq
> index   givenName       pres,sub,eq
> index   homePhone       eq
> index   shadowExpire,shadowLastChange,shadowMax,shadowWarning   eq
> index   entryCSN,entryUUID      eq
> 
> # Ensure read access to the base for things like
> # supportedSASLMechanisms.  Without this you may
> # have problems with SASL not knowing what
> # mechanisms are available and the like.
> # Note that this is covered by the 'access to *'
> # ACL below too but if you change that as people
> # are wont to do you'll still need this if you
> # want SASL (and possible other things) to work
> # happily.
> 
> # ACLs
> access  to attrs=userPassword,sambaLMPassword,sambaNTPassword
>        by self write
>        by anonymous auth
>        by * none
> 
> access to *
>        by * read
> 
> 
> P.S. note that the loglevel is 256 and I have no record of trouble.
> 
> [1]. Linux ldap 2.6.26-2-686 #1 SMP Wed Aug 19 06:06:52 UTC 2009 i686
> GNU/Linux
> -- 
> Márcio Luciano Donada <mdonada -at- auroraalimentos -dot- com -dot- br>
> Aurora Alimentos - Cooperativa Central Oeste Catarinense
> Departamento de T.I.

References:
- ldap falls without logs
  - From: Márcio Luciano Donada <mdonada@auroraalimentos.com.br>

Prev by Date: ldap falls without logs
Next by Date: need an overlay for rewriting attribute values
Index(es):
- Chronological
- Thread